Hey so,

This windows recall thing?

Enables domestic abuse.

Like, flat-out.

This 'feature' means that someone in an abusive relationship now has a canonized part of the OS monitoring their activities that can be then invoked and studied by the abuser.

Ain't no amount of -group policy- bullshit gonna fix this,

because Microsoft -doesn't allow- the granularity of administration required to defuse this for non-corporate users.

@munin Corporate legal will shit themselves^W^Whave a field day with this.

@bluknight

I'm genuinely curious to hear from corp lawyers, tbh. I have an -idea- about what they'd say, but I would genuinely value that point of view for this.

@munin Yeah, I don't have any that deal in corporate law to refer to, unfortunately.

But given the corp infosuck policy training I have to go through every year, I'm pretty certain my people would be screaming holy hell about discovery. Hell, I'm surprised they haven't disabled the Spotlight feature on my Mac, or whatever the Windows equivalent is.

@bluknight

Oh hells, I hadn't even gotten to considering the 'discovery' threat surface to this. Yowza, that's gonna be spicy as fuck.

@munin Ya think, DiNozzo? 🤣

Discovery was the third thing that came to mind, after "advertising" and "AI training for *redacted* purposes".

@bluknight

In fairness, my situation's a lot more compliance and malware research flavored, and the DV implications have me -extremely- shook given some past context.

But that's what friends are for, to give different points of view.

@munin @bluknight

I'm curious how easy this "feature" will be to turn off. Or filter/limit. Or in any way control. We haven't seen that yet. But there has to be some way to exclude or disable the feature. And if not out-of-the-box, I assume some PowerToys or other 3rd party utility will soon be available to do just that.

@pmbAustin @bluknight

Does not matter.

If the code is on the box, the box is systemically unsafe.

https://infosec.exchange/@munin/112480592607154358

Fi, infosec-aspected (@[email protected])

How -do- you fix this? You do not put the capability to automate screen-scraping into the OS as a canonized feature. Yes, this does not stop screen scraping from being possible - it's been around for years. Disallowing it from the canonical image -of- the OS, however, means that there is an increased barrier in the way of implementing this: an abuser will need to learn how to implement this, and will need to rely on third-party software not integrated into the OS as expected functionality. This in turn means that abuse victims are able to rely on tools already in-use to remove third-party software from the computer in order to have more assurance of private operation. Yes, no single measure is capable of ensuring safety. This is why it's a security -system- and not a security -item-; systemic effects require an understanding of the entire context in order to evaluate the safety or unsafety of the system.
